From 02430a72630b66875fcfe5f44cc1384fa2fdd423 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0pa=C4=8Dek?= Date: Fri, 3 Mar 2023 16:21:03 +0100 Subject: [PATCH] Clarify qname-minimization relaxed in the ARM Leading underscore in qname confused some users, and it was not documented. --- doc/arm/reference.rst | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index daaa04c283..f380234bc1 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -1392,14 +1392,20 @@ default is used. :tags: query :short: Controls QNAME minimization behavior in the BIND 9 resolver. - This option controls QNAME minimization behavior in the BIND - resolver. When set to ``strict``, BIND follows the QNAME + When this is set to ``strict``, BIND follows the QNAME minimization algorithm to the letter, as specified in :rfc:`7816`. + Setting this option to ``relaxed`` causes BIND to fall back to normal (non-minimized) query mode when it receives either NXDOMAIN or other unexpected responses (e.g., SERVFAIL, improper zone cut, - REFUSED) to a minimized query. ``disabled`` disables QNAME - minimization completely. ``off`` is a synonym for ``disabled``. The current default is ``relaxed``, but it + REFUSED) to a minimized query. A resolver can use a leading + underscore, like ``_.example.com``, in an attempt to improve + interoperability. (See :rfc:`7816` section 3.) + + ``disabled`` disables QNAME minimization completely. + ``off`` is a synonym for ``disabled``. + + The current default is ``relaxed``, but it may be changed to ``strict`` in a future release. .. namedconf:statement:: tkey-gssapi-keytab